This is roughly speaking a table showing the top N SBL listings that are spamming us over the past 28 and change days. I generated it by grabbing all rejected IP addresses, looking them up in the SBL, and counting how many hits each SBL listing accumulated.

There were 2522 rejected IP addresses that are now/still in the SBL in total, out of about 35000 that we rejected overall over the time period, so about 7% of the IP addresses we rejected are in the SBL. (Perhaps I will next do these numbers for the CBL.)

This isn't a perfect picture of what the SBL would have done to each of these IP addresses. There are several sources of inaccuracies:

• SBL listings get removed, so some IPs we rejected as SBL-listed when they tried are not SBL-listed now and so are not getting counted.
• not all of these IP addresses got rejected for being SBL-listed, since we check DNS blocklists after other criteria.
• some IP addresses we rejected back then for other reasons may now be SBL-listed.

(Also, by the time you read this blog entry some or many of these SBL listings may have been removed. That's one reason why I date these things.)

Interestingly (and depressingly) the leading SBL listings are located in the US, Canada, and Britain, not in the howling spam-infested wilds of China, Russia, and the like. You have to go all the way down to SBL27934, the first webmail machine, before you find something in another country. China and Korea themselves are surprisingly far down the list (perhaps because they are mostly used for website hosting and less for outright spam-sending).

Most of the listings are quite recent, from April/May and later of 2005. (I believe I have annotated all of the ones that are older than that.)

Over the same time period, 9 IP addresses that were in the SBL when we rejected them got unlisted. Since the SBL doesn't keep old listings, there's no way to tell what they were listed for, or why they got delisted; since they did get delisted, I will avoid naming them here.